Global Cybersecurity 2017Assurance Report Card

Executive Summary

In 2016, Tenable Network Security introduced its groundbreaking Global Cybersecurity Assurance Report Card to measure the attitudes and perception of 504 enterprise IT security practitioners across the globe.The report quantifies how security professionals rate their enterprise’s ability to both assess cybersecurity risks and mitigate threats.These scores were combined to produce a report card score on global cybersecurity status — whether or not the world’s cyber defenses are meeting expectations.

Reduced Confidence in Global Cyber Readiness

The 2017 Tenable Network Security Global Cybersecurity Assurance Report Card updates the 2016 findings.Tenable surveyed 700 security practitioners, assigning indices and grades based by country and industry.The data reflects an overall decline in perceptions of global cyber readiness, fueled by a pronounced inability to assess and mitigate cyber risks across the evolving IT landscape.

Collectively, participants scored just 61% on the Risk Assessment Index, a drop of 12% from 2016, and 79% on the Security Assurance Index, which remains unchanged.The average overall score, 70%, represents a six percent decline from last year.

Download the Full Report

Key Takeaways

70%

Global Cybersecurity Assurance Report Card

The average overall score, 70%, represents a six percent decline from last year.

61%

Global Risk Assessment Index

This metric represents the organization’s ability to assess cybersecurity risks across 11 key components of enterprise IT infrastructure.Collectively, participants scored just 61% on the Risk Assessment Index, a drop of 12% from 2016.

79%

Global Security Assurance Index

This figure, which is unchanged from last year, represents the organization’s ability to mitigate threats by investing in security infrastructure fueled by executive and board-level commitment.

This can be explained, in part, by the accelerated adoption of cloud and mobile computing, combined with the emergence of DevOps and containers that increase the complexity and decentralization of enterprise IT.Together, these advances make it more difficult for security teams to see everything on their networks and accurately assess cyber risks.

Overwhelming Threat Environment Remains Top Challenge

These challenges are further complicated by the constantly evolving and expanding threat landscape – the number one challenge for security pros for the second consecutive year.This heightened technological complexity creates even more opportunity for attackers to exploit gaps in security coverage, leaving all organizations vulnerable to compromise and breach, regardless of the size of their security investments.

As data from the 2017 Tenable Network Security Global Cybersecurity Assurance Report Card show, it has become more critical than ever for global businesses and government organizations to not understand the threats aligned against them, but to also have realistic methods to assess their own cybersecurity strengths and weaknesses.

By Country

A comparison of 2017 and 2016 results for Risk Assessment, Security Assurance and Overall Scores, broken out by country.Key takeaways show India, which was not surveyed in 2016, debuting in 2017 with the highest overall score at 84% (B), while last year’s leader, the United States, fell two points to second place, with a score of 78% (C+).Germany reported a 10 point drop to 62% (D-), while Japan, another new 2017 addition, reported confidence levels of 48% (F), the lowest of all nine countries surveyed.

Global

印度

USA

加拿大

法國

澳洲

UK

新加坡

德國

日本

Risk Assessment

61%

73%

70%

67%

67%

64%

59%

68%

44%

43%

資安風險評量表

79%

96%

85%

83%

80%

78%

73%

60%

79%

52%

Overall Score

70%

84%

78%

75%

74%

71%

66%

64%

62%

48%

Overall Grade

C-

B

C+

C

C

C-

D

D

D-

F

2016 Grade

C

n/a

B-

C+

n/a

D+

C

C-

C-

n/a

By Industry

Participant scores broken out by country, comparing 2017 and 2016 results.Notably, six of the seven industries surveyed reported lower scores in 2017.Telecom and Financial Services, last year’s top scorers, showed the largest drops in confidence in 2017, while Retail confidence levels lost just one point, assuming first place with a score of 76 (C).

零售業

Financial Services

Manufacturing

Telecom

Health Care

教育

政府

Risk Assessment

66%

59%

59%

60%

54%

64%

59%

資安風險評量表

86%

85%

86%

81%

76%

63%

67%

Overall Score

76%

72%

72%

70%

65%

64%

63%

Overall Grade

C

C-

C-

C-

D

D

D

2016 Grade

C+

B-

C

B-

C

D

D

Methodology

In partnership with Tenable Network Security, CyberEdge Group developed a 12-question web-based survey instrument.The survey was promoted to information security professionals across nine countries and three geographic regions:United States and Canada (North America), United Kingdom, Germany and France (Europe), and Australia, Singapore, Japan and India (Asia Pacific).The survey was translated for non-English-speaking target audiences.

The online survey was conducted in 2016年10月.Each respondent met two demographic requirements:(1) employed at an organization with 1,000+ employees globally and (2) held an IT security position (i.e., not an IT generalist).Respondents who failed to meet either of these criteria were exited from the survey.

Sample Sizes

Respondents were derived from 19 industries and nine countries.Each country and industry referenced in this report included a minimum of 25 responses.Responses from industries with fewer than 25 responses were reported in the aggregate, globally and by country.

Analysis

Scores were calculated by adding the percentages of the two most-favorable responses of associated questions.Risk Assessment Scores are associated with 11 IT components depicted in question 6 (see Appendix 3).Security Assurance Scores are associated with questions 7-12.

Survey Demographics

Countries

Newly added this year were participants from France, Japan and India.Of the 700 total respondents, 43% were based in North America (U.S. & Canada), 32% in Europe (U.K., Germany and France), and 25% in Asia Pacific (Australia, Singapore, Japan and India).